← back
CVE-2018-18248

CVE-2018-18248

EPSS 0.7%
Icinga Web 2 has XSS via the /icingaweb2/monitoring/list/services dir parameter, the /icingaweb2/user/list query string, the /icingaweb2/monitoring/timeline query string, or the /icingaweb2/setup query string.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00031.htmlhttps://herolab.usd.de/wp-content/uploads/sites/4/2018/12/usd20180028.txt